Configuring Remediation in Windows

Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base articles, submit technical support tickets, and review the status of submitted support tickets.

Overview

This document describes how to configure remediation in Windows.

To push remediation policies into Active Directory, FreeSSHd (an SSH server) must be installed on the Windows Collector Server(s). This enables policies to be pushed from CCE. A username and password must also be created so that CCE can access the server.

Steps Of Configuration

Step 1: Download FreeSSHd on Windows Server from http://www.freesshd.com/freeSSHd.exe

1.1  Run the installer after downloading


  • Select Yes and finish
  • Now open FreeSSHd from the desktop or by searching for it
  • Create a User and follow the steps in the following images

In this example, the domain SECEONLAB.COM is used, as shown in the figures below:

Figure: Windows PowerShell

Figure: SSH Setting

  • Open Windows Firewall with Advanced Security and create a new inbound rule

Figure: Windows Firewall with Advanced Security

  • Select TCP and port 22

Figure: New Inbound Rule Wizard

  • Now log in with the credentials using PuTTY or any other SSH software.
  • After this, the setup needs a restart.

Reference: http://www.windowsnetworking.com/articles-tutorials/windows-server-2008/install-SSH-Server-Windows-Server-2008.html

Step 2:   Access control for CCE

Figure: Access control for CCE

  • Click “Next” after it is done.
  • In some versions, on the Windows server, open Control Panel -> Programs and Features -> Turn On/Off Windows Features.
  • Find "Remote Server Administration Tools" and expand it. Expand "Role Administration Tools". Find "AD DS And AD LDS Tools" and expand it.
  • Check the box next to "Active Directory Module for Windows PowerShell". Click OK and allow Windows to install the feature.
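
The inbound rule from Step 1 and the Active Directory module from Step 2 can also be set up and checked from an elevated PowerShell prompt. The script below is an added example, not part of the original Seceon article; it assumes Windows Server 2012 or later, the CCE address and rule name are placeholders, and limiting the port 22 rule to the CCE's address is an assumption about the intended access control.

```powershell
# Added example, not Seceon's own script. Run in an elevated PowerShell
# session on the Windows Collector Server (Windows Server 2012 or later).
param(
    # Placeholder (constructed documentation address): set to your CCE's IP.
    [string]$CceAddress = '192.0.2.10',
    # Hypothetical rule name chosen for this example.
    [string]$RuleName   = 'FreeSSHd inbound from CCE'
)

$ErrorActionPreference = 'Stop'

# 1. Inbound rule for TCP 22, scoped to the CCE instead of any remote host.
$rule = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
if (-not $rule) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound `
        -Protocol TCP -LocalPort 22 -RemoteAddress $CceAddress `
        -Action Allow | Out-Null
} else {
    # Rule already exists: make sure its scope still matches the CCE address.
    Set-NetFirewallRule -DisplayName $RuleName -RemoteAddress $CceAddress
}

# 2. Active Directory module for Windows PowerShell (RSAT feature).
if (-not (Get-Module -ListAvailable -Name ActiveDirectory)) {
    Install-WindowsFeature -Name RSAT-AD-PowerShell | Out-Null
}

# 3. Verify: rule scope, a listener on port 22, and module availability.
$scope = (Get-NetFirewallRule -DisplayName $RuleName |
          Get-NetFirewallAddressFilter).RemoteAddress
$listening = [bool](Get-NetTCPConnection -LocalPort 22 -State Listen `
                    -ErrorAction SilentlyContinue)

[pscustomobject]@{
    RuleRemoteAddress = $scope -join ','
    SshListening      = $listening
    AdModulePresent   = [bool](Get-Module -ListAvailable -Name ActiveDirectory)
}

if (-not $listening) {
    Write-Warning 'Nothing is listening on TCP 22; check that FreeSSHd is running.'
}
```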


Seceon Inc. All rights reserved. https://www.seceon.com